Do I still need an Exchange on-premises?

  • Article

I have all my mailboxes online (and no public folders). Do I still need an on-premises Exchange Server? That’s a question the FastTrack Engineers are used to hear from customers. And it makes sense: There is no apparent reason to keep a mailbox server without a single mailbox. Except that there is an important reason for it: Recipient management and the Exchange product team talks about it here.

In short, whenever you synchronize your objects (users, groups, contacts) from Active Directory to the cloud, those objects must be edited on-premises. That means you cannot change, let’s say, the primary SMTP address of a mailbox using Exchange Online Admin Center. You must do that using local Exchange administrative tools.

One might ask what if I use ADSI Edit, third party tools or even ADUC for editing Exchange-related attributes? Well… You could do that, but it is not supported. There are reasons you are required to use Exchange administrative tools and one of them is that they check attributes for consistency and health. For instance, you cannot add a duplicate SMTP address using Exchange Management Shell: It will not allow it, but ADSI edit will not check for an existing SMTP address before committing the change.

Another question we get a lot is “what If I am migrating from Google (or Lotus Domino or any other e-mail system)? And the answer is “the same applies”. If you are using directory synchronization, you must use Exchange administrative tools. It does not matter where you are coming from, but where you manage your directory does.

The recommendation

We recommend keeping one Exchange Server for management purposes only. All the messaging services should be moved off this Exchange Server, making it a lesser important piece within the high-availability scheme the messaging services seat in. That means:

  • No mailbox or public folder should be hosted in the remaining Exchange Server
  • The remaining Exchange Server should not be used for mail flow or autodiscover
  • No application should use the remaining Exchange Server except for object management

However, if you were to use cloud IDs only, you do not need an Exchange on-premises. In fact, you would not need any additional local infrastructure besides the one required for Internet connectivity.

Additionally, if you want to use an Exchange on-premises for mail relay, you can do it. But you would have to take into consideration things such as monitoring, disaster recovery, high availability, etc. Take a look at https://aka.ms/mxtips.

Finally, remember to update your Exchange on-premises. You should always run a supported version of any software you need and keep it up to date.